You know it’s critical when even the big industries aren’t safe from malicious attacks. This is exactly what’s happening these days as a far-reaching phishing campaign is on loose and this time its targets are high-level industry executives.
The main focus of this campaign is to acquire the login credentials of those executives, and it does so by sending a spoof e-mail, which seems like one from CEO of the company themselves. The message informs the executives to reschedule a board meeting and asks them to choose a new date from a given poll, based on their date/time preferences.
However, this is a complete fraud because voting for an option requires the executives to log in, and once they submit their login details, the data is directly sent to the attackers. The reason why many fall prey to this attack is because the spoof message looks quite authentic. The sender’s name and e-mail address is the same as that of the Company CEO. Then, the subject line includes the Company name and a well-written note which is enough to convince majority of the victims.
What makes it even more convincing is that once the link for rescheduling is clicked, the users are taken to a login page for Microsoft Outlook and Office 365, which in reality is a phishing site used to acquire the submitted data. All of this was spotted by researchers at GreatHorn, a security firm.
When the e-mail is viewed on a mobile device however, the content remains exactly as it is but the display name gets changed to “Note to Self”.
The most concerning aspect of this campaign is that a successful phishing attempt can give the attackers access to important and sensitive information, which in turn can be used for something worse.
GreatHorn researchers also concluded that one in every seven customers of the firm were prone to this attack. However until now, before any significant damage could have been done, the attackers were taken care of.
It remains unclear whether the campaign is still up and running but it’s better to be prepared beforehand so that important data cannot be compromised. Thus, users are strictly advised to keep their guard up while assessing such suspicious e-mails.
Read next: Google Chrome Informs You if Your Log In Information Has Been Stolen
The main focus of this campaign is to acquire the login credentials of those executives, and it does so by sending a spoof e-mail, which seems like one from CEO of the company themselves. The message informs the executives to reschedule a board meeting and asks them to choose a new date from a given poll, based on their date/time preferences.
However, this is a complete fraud because voting for an option requires the executives to log in, and once they submit their login details, the data is directly sent to the attackers. The reason why many fall prey to this attack is because the spoof message looks quite authentic. The sender’s name and e-mail address is the same as that of the Company CEO. Then, the subject line includes the Company name and a well-written note which is enough to convince majority of the victims.
What makes it even more convincing is that once the link for rescheduling is clicked, the users are taken to a login page for Microsoft Outlook and Office 365, which in reality is a phishing site used to acquire the submitted data. All of this was spotted by researchers at GreatHorn, a security firm.
Related: Massive Data Leak: Collection #2-5 reveals over 2.2 billion usernames, emails and passwords
When the e-mail is viewed on a mobile device however, the content remains exactly as it is but the display name gets changed to “Note to Self”.
The most concerning aspect of this campaign is that a successful phishing attempt can give the attackers access to important and sensitive information, which in turn can be used for something worse.
GreatHorn researchers also concluded that one in every seven customers of the firm were prone to this attack. However until now, before any significant damage could have been done, the attackers were taken care of.
It remains unclear whether the campaign is still up and running but it’s better to be prepared beforehand so that important data cannot be compromised. Thus, users are strictly advised to keep their guard up while assessing such suspicious e-mails.
Read next: Google Chrome Informs You if Your Log In Information Has Been Stolen
